<?php
/**
 * 登录处理程序
 */
!function_exists('adminmsg') && die('Forbbiden');

if($action=='in')
{
	/*
	if($very['ckadmin'])
	{
	empty($ck) && Showmsg('login_nock');
	$ck = strtolower($ck);
	GdConfirm($ck);
	}
	*/
	//	echo $username;
	//	echo $password;
	//	//exit;
	if(empty($username) || empty($password)) Showmsg('login_empty');
	$login_name = trim($login_name);
	$password = MD5(trim($password));

	if($username==$manager && $password==$manager_pwd)
	{ //创始人
		if ($_POST['autologin']) {
			$time = 'F';
			Cookie('login', $username . "\t" . $password, $time);
		} else {
			Cookie('login', $username . "\t" . $password);
		}
		$adminFileName = end(explode('/',$admin_file));
		ObHeader($adminFileName);
	}
	else
	{ //非创始人
		$admininfo = $db->get_one("SELECT password,loginfail,logintime FROM cms_user WHERE username='$username' LIMIT 1");
		if($admininfo['loginfail'] >= 15){
			if($admininfo['logintime']+3600*24 > $timestamp){
				$db->update("UPDATE cms_user SET loginfail=0 WHERE username='$login_name'");
			}else{
				Showmsg('login_maxerror');
			}
		}
		if(!$admininfo || $admininfo['password']!=$password)
		{
			$db->update("UPDATE cms_user SET loginfail=loginfail+1,logintime='$timestamp',ip='$onlineip' WHERE username='$username'");
			$record_name= str_replace('|','&#124;',Char_cv($_POST['username']));
			$record_pwd	= str_replace('|','&#124;',Char_cv($_POST['password']));
			$new_record="<?die;?>|$record_name|$record_pwd|Logging Failed|$onlineip|$timestamp|\n";
			writeover($logfile,$new_record,"ab");
			adminmsg('login_error');
		}
		else
		{
			//print_r($_POST);exit;
			if ($_POST['autologin']) {
				$time = 'F';
				Cookie('login', $username . "\t" . $password, $time);
			} else {
				Cookie('login', $username . "\t" . $password);
			}
			$db->update("UPDATE cms_user SET loginfail=0,logintime='$timestamp',ip='$onlineip' WHERE username='$username'");
			$adminFileName = end(explode('/',$admin_file));
			ObHeader($adminFileName);
		}
	}
}
elseif($action=='out')
{
	Cookie('login','', 'F');
	$adminFileName = end(explode('/',$admin_file));
	ObHeader($adminFileName);
}
require PrintEot('header');
require PrintEot('login');
adminbottom();
?>